Day 39 AWS and IAM Basics

Day 39 AWS and IAM Basics

Dear Engineers in today topic we will learn the AWS and IAM Basics.

AWS:

Amazon Web Services is one of the most popular Cloud Provider that has free tier too for students and Cloud enthusiasts for their Hands on While learning.

User Data in AWS:

A) When you launched an instance in Amazon EC2, you have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. You can pass 2 types of user data to Amazon Ec2: Shell scripts and Cloud-init directives.

B) You may also pass this data into the launch instance wizard as plain text,as a file or as base64-encoded text (for API calls)

C) This will save time and manual effort every time you launch an instance and want to install any applications on it like Apache, docker,jenkins etc.

IAM:

AWS Identity access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM,you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (Signed in) and authorized (has permissions) to use resources.

Now let's take a Example task for the Ec2 Instance:-

Task 1:

Launch Ec2 instance with already installed Jenkins on it. Once server shows up in console, hit the IP address in browser and you Jenkins page should be visible.

Take screenshot of user data and jenkins page, this will verify the task completion.

A) Log in to AWS Management console and navigate to the Ec2 dashboard.

B) Click on the "Launch instance" button to start the process of launching a new Ec2 Instance.

C) Choose an Amazon Machine image (AMI).

No alt text provided for this image
Choose an Amazon Machine image (AMI). diagram.

Select an instance type, configure your instance details (such as the number of instances, network settings, and storage).

No alt text provided for this image
number of instances, network settings, and storage Diagram.

Go to advanced details

No alt text provided for this image
Go to advanced details Diagram.

In the user data field, enter the following script to install Jenkins and its dependencies:

No alt text provided for this image
In the user data field, enter the following script to install Jenkins and its dependencies: Diagram.

Create a security group that allows inbound traffic on port 8080 for Jenkins.

No alt text provided for this image
Create a security group that allows inbound traffic on port 8080 for Jenkins. Diagram.

Copy public-ip address

No alt text provided for this image

Open your web browser and enter the IP address of the instance followed by port number 8080 (e.g., http://<public-ip>:8080). This will take you to the Jenkins login page

No alt text provided for this image
(e.g., http://<public-ip>:8080) Diagram.

Task2:

Read more on IAM Roles and explain the IAM Users, Groups and Roles in your own terms.

IAM (identity and access management) is an AWS Service that allows you to manage users, groups and roles in your AWS environment. These three components work together to provides granular access control and permissions for your AWS resource.

IAM Users:

IAM users are individual AWS accounts that you create for the people or applications that require access to your AWS resources. Each user has a unique set of security credentials,modify and delete users as needed,and grant them specific permissions to access or manage AWS resources.

IAM Roles:

IAM Roles are another way to manage access to AWS resources. Roles are similar to users but they are not associated with a specific person or account. Instead roles are assumed by trusted entities, such as Ec2 instances Lambda functions or other AWS services. Roles can have permissions policies attached to them, which define the specific permissions that the role is allowed to use.

Create 3 Roles named: DevOps-user, Test-User and Admin.

Log in to the AWS Management Console and navigate to the IAM dashboard.

Click on Roles in the left-hand menu and then click on the "Create role" button.

No alt text provided for this image
Create role" button. Diagram

Choose the appropriate use case for the role. For example, if you want to create a role for an EC2 instance, choose "AWS service" and then EC2.

No alt text provided for this image
AWS service" and then EC2. Digram.

Select the appropriate permissions policies for the role. you can choose form existing policies or create a custom policy.

No alt text provided for this image
choose form existing policies or create a custom policy. Diagram.

Enter a name for the role and click "Create role"

No alt text provided for this image
Enter a name for the role and click "Create role" Digram

Repeat the above steps for each role you want to create: DevOps-user, Test-User,and Admin.

Create a Test-User role.

No alt text provided for this image

Create a Admin role.

Once the roles are created, you can assign them to individual IAM users or groups as needed, and control their access to AWS resources.


Hope this article helped you in understanding the concept.

Happy Learning !!


Next Topic:

Day 40 AWS EC2 Automation










To view or add a comment, sign in

More articles by Maninder Singh

  • Artificial Intelligence for DevOps Engineer

    Artificial Intelligence for DevOps Engineer

    Dear learners, In today article we will explain the Artificial Intelligence for the DevOps Engineers. Important Aspects…

    12 Comments
  • Bash Shell Scripting:- Lesson 7,8 &9 for DevOps Engineers.

    Bash Shell Scripting:- Lesson 7,8 &9 for DevOps Engineers.

    Dear Learners, In Today Topic, We will learn the Shell Scripting form Basics to Advanced for DevOps Engineers. Course…

    3 Comments
  • Bash Shell Scripting:- Lesson 4,5 &6 for DevOps Engineers.

    Bash Shell Scripting:- Lesson 4,5 &6 for DevOps Engineers.

    Dear Learners, In Today Topic, We will learn the Shell Scripting form Basics to Advanced for DevOps Engineers. Course…

    3 Comments
  • Bash Shell Scripting:- Lesson 1,2 &3 for DevOps Engineers.

    Bash Shell Scripting:- Lesson 1,2 &3 for DevOps Engineers.

    Dear Learners, In Today Topic, We will learn the Shell Scripting form Basics to Advanced for DevOps Engineers. Course…

    3 Comments
  • EP 2 DevOps:- 2 Tier Application Deployment

    EP 2 DevOps:- 2 Tier Application Deployment

    2-Tier Application Deployment Diagram (Architecture) Dear Learners in today topic we will deploy a 2 Tier Application…

    8 Comments
  • DevOps Engineers:- Docker Cheat Sheet

    DevOps Engineers:- Docker Cheat Sheet

    Dear learner, presented below is a concise yet comprehensive Docker cheat sheet, complete with detailed commands and…

    7 Comments
  • DevOps (Day-90): Ending the challengs

    DevOps (Day-90): Ending the challengs

    Table of Contents: Flashback Self-Impact of Learning Today, We have completed the 90days of DevOps challenge where we…

    16 Comments
  • DevOps (Day-88): Kubernetes Architecture

    DevOps (Day-88): Kubernetes Architecture

    Dear Learner's in today topic we will discuss the Kubernetes Architecture in detail. Table of Contents Kubernetes…

    1 Comment
  • DevOps (Day-87): Argo CD

    DevOps (Day-87): Argo CD

    Dear Learners in today topic we will the discuss the Argo CD in Kubernetes. Table of Contents Challenges with CD into…

    13 Comments
  • DevOps (Day-86): Project-7 Portfolio App

    DevOps (Day-86): Project-7 Portfolio App

    Dear Learners in Today's article we will deploying a Portfolio app on AWS S3 Bucket using GitHub. Table of Contents:…

    10 Comments

Insights from the community

Others also viewed

Explore topics